Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

R: Cursor Injection - A New Method for Exploiting PL/SQL Injection and Potential Defences

From: <bunker () fastwebnet it>
Date: Mon, 26 Feb 2007 12:41:17 +0100 (CET)
----Original message----
From: davidl () ngssoftware com
Date: 26/02/2007 7.13
To: <full-disclosure () lists grok org uk>, <bugtraq () securityfocus com>
Subject: [Full-disclosure] Cursor Injection - A New Method for Exploiting      

PL/SQL Injection and Potential Defences

{CUT}
http://www.databasesecurity.com/ - it's called "Cursor Injection - A New 
Method for Exploiting PL/SQL Injection and Potential Defences".


Very good work, man!
I'm trying your new "cursor injection" tip on my systems and it works right!


Thanks,
--
Andrea "bunker" Purificato
+++++++++++[>++++++>+++++++++++++++++++++++++++++++++>++++
++++++<<<-]>.>++++++++++.>.<----------.>---------.<+++++++.

http://rawlab.mindcreations.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: